Hello! Downloading an unencrypted backup is dangerous. Android devices, for example, will immediately make the file availabe to any app in the Downloads folder, which is insecure. These apps could access this file and gain control over the home assistant.
There needs to be an option to download the backup in encrypted form for those who want to download just to save on another place like Proton Drive without using any integration.
Also it says “Encrypted” and then a button “ˋDownload from this location” which makes the user think he’s downloading an encrypted file
I don’t think they will revert to forcing people to encrypt their backup files, since many people specifically requested the ability to have unencrypted backups or the ability to download the backup without it if the file was uploaded to Nabu Casa Cloud.
I don’t think itś a good idea if you can download a copy of the Nabu Casa account credentials as plaintext inside the backup.
Im personally not running anything that would probably do that, but thousands of people could. Theres no way to know which apps scan the Downloads folder and the UI tricks people into thinking they are downloading the encrypted version
I agree, unencrypted backups will always be easier from the perspective of restoring, but its unsafe to store credentials in plaintext, specially the home assistant cloud ones. Theres potentially even credentials for Google and other services via the integrations, it does not seem like a good idea to have them in plaintext on a phone.
I think changing the UI to “download unencrypted from this location” and adding also the option “download encrypted from this location” would be nice
I mean, the credentials to Home Assistant Cloud are stored unencryted in the unencrypted backup download, as well as credentials to Google and other integrations
Please go read the January backups mega thread in it’s entirety… There’s well over 1200 posts.Most of them are very VERY against an encrypted backup. Me included my thoughts are I that thread and I’m not saying it again.
Why are we going through the same thing AGAIN? There is a whole thread about it, as said above (find it and read it, you’ll see what majority wants), and majority of users were for keeping unencrypted backup available, so topic was discussed, solved and closed. End of story.
But… since you ask… if you download unencrypted backup to your phone then you should really ask yourself why the heck did you do that? What are you trying to achieve? Restore whole HA via phone? You can’t really do anything sensible via phone other than turn on lights, open doors or similar…
Then again - what app would access this backup? I mean - what app did you install that you really shouldn’t, since it obviously steals data without your permission?
Common sense is the main thing here against attack. No password or anything will protect anyone against stupidity.
Sorry for reviving an old discussions, I will read the thread. Im new to HA, I started using this month for real finally so Im still not used to all the story.
hi, i certanly think that you have a point, the backups should be encrypted by default, BUT, the restoration process should be alligned to that to allow the users flexiblity in chosing what to restore…, and there should be a process to retrieve the keys if you have lost them. and there will probably be a lot more parameters to think about, untill then, we should have the option to backup without encryption.
But backups ARE encrypted, if user chooses to do so, and are mandatory when stored in cloud(s).
What’s “stupid” is encrypting a file, stored on a non encrypted partition, which HA is… in this case no-one will bother decrypting your encrypted backup, but will rather “steal” live production files, stored in the same place, just in another subfolder, don’t you think?
hi, i am not intrested in reviving the discussions again, but new users should be informed why certain things do not work as they expect ( at the moment?), instead of politely asking them to read a post with 1200 comments
